5b6e80fded6a0456b94949ac5fa9b4d1

Sharing

Copy URL Twitter E-mail

General

Target

5b6e80fded6a0456b94949ac5fa9b4d1
Size

367KB
MD5

5b6e80fded6a0456b94949ac5fa9b4d1
SHA1

380f8aed1c6ae19fd4af940aecb494c1c21a7a30
SHA256

25b8a28d142b9f376dcc634a51d24858661b43e904d85d20e83a776a036e2ed2
SHA512

6075b4e291b32cbcd3aa51691705cf813f3774c87262309798f594c869cd6c6bbdd5a0506d17f362b44abec0bd84cc44cbab7361831ed58af540aebe26f75881
SSDEEP

6144:P76D7vTfz6f7eV+OXnJGIFoxlGw9WoQdPveNrqzx5Mx6ocNfnq/xuuvhiHEibbZp:o77uzkvZ1iHGw9qWxGDfoefnq5bvhYvv

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/best_answering_machine_s60v5_v3(funmaza.com)/s60v3/keygen.exe
unpack001/best_answering_machine_s60v5_v3(funmaza.com)/s60v5/keygen.exe

Files

5b6e80fded6a0456b94949ac5fa9b4d1
.zip
best_answering_machine_s60v5_v3(funmaza.com)/s60v3/FunMaza.Com - Mobile Softwares,Themes,Games,Ringtones.url
best_answering_machine_s60v5_v3(funmaza.com)/s60v3/answering_machine_v1.01_s60v3(funmaza.com).sis
best_answering_machine_s60v5_v3(funmaza.com)/s60v3/keygen.exe
.exe windows:5 windows x86 arch:x86

d67dbe4dd850e25526fc4e3857bcd02b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

comctl32

ord17

user32

SetWindowLongW

gdi32

SetBkColor

advapi32

RegCreateKeyExW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 26KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
best_answering_machine_s60v5_v3(funmaza.com)/s60v5/FunMaza.Com - Mobile Softwares,Themes,Games,Ringtones.url
best_answering_machine_s60v5_v3(funmaza.com)/s60v5/ansering_machine_v1.0_s60v5(funmaza.com).sisx.sis
best_answering_machine_s60v5_v3(funmaza.com)/s60v5/keygen.exe
.exe windows:4 windows x86 arch:x86

5c77264c7a2f58cbaf6969aa7901ff1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

comctl32

ord17

user32

CreateDialogParamW

gdi32

CreateSolidBrush

advapi32

RegCreateKeyExW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 25KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d67dbe4dd850e25526fc4e3857bcd02b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 26KB - Virtual size: 64KB

.rsrc Size: 8KB - Virtual size: 8KB

5c77264c7a2f58cbaf6969aa7901ff1f

Headers

File Characteristics

Imports

kernel32

comctl32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 25KB - Virtual size: 56KB

.rsrc Size: 7KB - Virtual size: 8KB

.text
Size: 26KB - Virtual size: 64KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 25KB - Virtual size: 56KB

.rsrc
Size: 7KB - Virtual size: 8KB